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Art Unit: 2162 

DETAILED ACTION 

1 . This communication is responsive to Applicant's Amendment, filed on 01 
December 2006. 

2. Claims 1, 3-9, 11-14, 16, and 18-29 are pending in this application. Claim 1, 9, 
16, and 24 are independent claims. In the Amendment filed on 01 December 2006, 
claims 2, 10, 15, and 17 were cancelled and claims 1, 9, 16, and 24 were amended. 
This office action is made final. 

Claim Objections 

3. Claim 28 and 29 objected to because of the following informalities: said claims 
depends on claim 2, which was cancelled. Correction of "The method of claim 2" to "The 
method of claim 1" is suggested. Appropriate correction is required. 



Response to Arguments 

4. Applicant's arguments filed on 01 December 2006 have been considered but are 
moot in view of the new ground(s) of rejection. 
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Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

7. Claim 1, 3, 4, 8, 9, 1 1, 16, 18, 19, 23, and 24 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Sylor et al., (hereinafter "Sylor")(U.S. Patent Application 
Publication Number 2002/0186238) in view of Brun et al., (hereinafter "Brun") 
(European Patent Application EP1009130A1), and further in view of Barzilai et al., 
(hereinafter "Barzilai") (U.S. Patent Application Publication Number 2002/0104015). 

Referring to claim 1 , Sylor is directed to a system and method for managing 
resources and teaches the limitations: 
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"accessing a list of resources, wherein a resource comprises an object defined 
by a service type" (Paragraph 0049, i.e., visual hierarchy derives from a logical 
hierarchy containing resources in dependency relationship with one another; Paragraph 
00663, i.e., Conceptually, resource 24 is a placeholder for a wide range of things: 
usually, it performs a function; and Paragraph 0051, i.e., Resources include hardware, 
applications, sen/ices, business processes, organizational structures....) and "wherein 
a resource is identifiable by a resource name" (Sylor , Paragraph 0064, i.e., Properties 
of resource 24 include a name); 

"relationship determines that the second resource is a sub-resource of the first 
resource" (Paragraph 0088, i.e., logical hierarchy 30 can organize information into tiers, 
with parent-child relationships are based on dependency relationships 78. Therefore, 
resources at lower levels (children) in the tree are sub-resources of the resources at 
higher levels (parents) (Paragraph 0088, i.e., parent resource profiles 77 can provide to 
multiple child resource profiles 77, as with a server that provides multiple networked 
services, while each of the networked services (for instance, DNS, file sharing, and 
network security) provides its features to multiple software applications). This disclosure 
of Sylor clearly teaches a hierarchy wherein resources and sub-resources are 
organized.); and 

"representing said first and second resources in a hierarchical organization 
reflecting said relationship, wherein said hierarchical organization comprises a top-level 
resource name and a plurality of sub-resource names corresponding to said top level 
resource name, wherein said plurality of sub-resource names comprises said top level 
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resource name and an additional name portion separated from said top-level name" 
(Paragraph 0049-0050, i.e., logical hierarchy; Paragraph 0088, i.e., logical hierarchy 30 
can organize information into tiers, with parent-child relationships are based on 
dependency relationships 78; Paragraph 0088, i.e., pare/7* resource profiles 77 can 
provide to multiple child resource profiles 77 \ as with a server that provides multiple 
networked services, while each of the networked services (for instance, DNS, file 
sharing, and network security) provides its features to multiple software applications; 
and Paragraph 0089, i.e., the path-uniqueness of directed tree 39). Note that in the said 
hierarchical tree of resources (logical hierarchy of Sylor), parent nodes bear top-level 
names and child nodes bear sub-resource names to conform to path-uniqueness of a 
directed tree and that it is well known in the art that a path-unique name of a tree 
comprises name of parents up to the root and name of child (i.e., top-level resource 
name and additional resource name) delimited by a slash. 

Sylor does not explicitly teach the limitations: "comparing a first resource name 
for a first resource to a second resource name for a second resource to identify 
relationship between said first and second resources wherein said relationship is based 
on said first resource name and said second resource name"; " by a delimiter", 
"intercepting a requesting identifying a resource name"; "locating said resource in said 
hierarchical organization, wherein said resource is subject to a policy definition 
governing access to said resource, wherein the policy definition comprises: a rule that 
references said resource and comprises at least one action associated with the 
resource, a condition that comprises a constraint on the at least one action, a subject 
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that defines a collection of users to whom the policy definition applies; and a referral 
that comprises an identification of a second policy decision point to which the evaluation 
of the policy definition is being delegated". 

On the other hand, Brun teaches the limitations: 

""comparing a first resource name for a first resource to a second resource name 
for a second resource to identify relationship between said first and second resources 
wherein said relationship is based on said first resource name and said second 
resource name" (Page 1 Line-32-42, i.e., comparing resource name prefix with the 
prefixes stored in an access border node directory; Column 15 Line35-57, Column 16 
Line-30-50 and Column 19 Line-32 through Column 20 Line-45. Particular note that the 
method and system of Brun is comparing "prefix" of a resource name to a with prefixes 
stored in an access directory name database (Brun , Column 1 Line-32-42). Also, 
Figure 9 of the specification of Brun discloses matching (comparing) prefixes of a 
resource name to other prefixes in order to identify relationship between resource 
names based on first resource name and second resource name. ); and 

" by a delimiter" (Column 15 Line35-57, i.e., Resource Identifier Type: this 
describes the addressing scheme used for this user (E.164, X.121, NSAP, ) . NSAP 
stands for Network Service Access Point and is one of two types hierarchical address 
and is defined in ISO/IEC 8348. Said NSAP and other addressing schemes such as 
E.164, X.121 all employ hierarchical name systems, wherein a top-level name and a 
plurality of sub-resource names corresponding said top level name are used. Said 
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plurality of sub-resource names comprises said top-level name and an additional name 
portion separated from said top-level resource name by. a delimiter (a dot). 
Barzilai teaches the limitations: 

"intercepting a requesting identifying a resource name" (Barzilai, Paragraph 

0012, i.e., For each time of user information requested by the application, the EPM 
checks for compliance of the application with the privacy policies subject to which the 
users submitted the information. Access is granted, preferably on a per-user, pentem 
basis, only after compliance has been verified')] 

"locating said resource in said hierarchical organization" (Barzilai, Paragraph 

0013, i.e., the information exchange nodes are arranged in a hierarchical structure), 
"wherein said resource is subject to a policy definition governing access to said 
resource" (Barzilai, Paragraph 0012, i.e., For each time of user information requested 
by the application, the EPM checks for compliance of the application with the privacy 
policies subject to which the users submitted the information; and Paragraphs 0070- 
0073, i.e., "A user request handler 46", "An administrator request handler 48", and "An 
application request handler 50') } "wherein the policy definition comprises: 

a rule that references said resource and comprises at least one action 
associated with the resource (Paragraph, 0013, i.e., A basis privacy policy is 
defined for a root node in the structure, typically the enterprise home page), 

a condition that comprises a constraint on the at least one action 
(Paragraph 0070, i.e., A user request handler 46 manages privacy-related 
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interactions with site users, such as supplying policy information retrieved by 
policy engine 42; and also note Paragraphs 0071-0072), 

a subject that defines a collection of users to whom the policy definition 
applies (Paragraph 0014, i.e., policy to different types of users); and 

a referral that comprises an identification of a second policy decision point 
to which the evaluation of the policy definition is being delegated (Paragraph 
001 3, i.e., Additional privacy rules are defined for other nodes in the hierarchy. 
The privacy for any given node is determined by combing the privacy policy of its 
parents with the additional privacy rules defined for the node itself. Thus, the 
level of privacy provided for user information typically increases as the user 
progresses deeper into the hierarchy and is asked to submit additional personal 
information or to authorized additional uses of information already submitted) 11 . 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to combine the method taught by Sylor for managing resources 
with the method taught by Brun for managing distributed directory services and locating 
network resources and the method of Barzilai for applying hierarchical privacy rules to 
hierarchies of information resources so that the combined system and method would 
compare the name of a first resource and the name of a second resource to identify 
their relationship based on their names and represent them in a hierarchical 
organization reflecting the relationship, wherein said hierarchical organization would 
comprise a top-level name and a plurality of sub-resource names corresponding said 
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top level name, wherein said plurality of sub-resource names comprises said top-level 
name and an additional name portion separated from said top-level resource name by a 
delimiter. One would have been motivated in order to define a simple and effective 
method and system for locating a resource in large networks (Brun, Column 8 Line-20- 
24) and in order to offer a structured solution to managing variations in privacy policy 
that may be implemented in different parts of an enterprise (Barzilai, Paragraph, 0010). 

Claim 9, 16, and 24 are rejected on the same basis as claim 1. 

Referring to claim 3, Sylor teaches the limitation: 
"listing said resources in order according to their respective relationships 
(Paragraph 0137-01150, i.e., Fishbone Hierarchy ). 

Claim 18 is rejected on the same basis claim 3. 

Referring to claim 8, Sylor teaches the limitation: 

"one of the first and second resources is identified as a sub-resource of the 
other" (Paragraph 0076-0090. Also refer to the response to the applicant's arguments 
above for this limitation.). 

Claim 23 is rejected on the same basis as claim 8. 
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As per claim 4, both Sylor and Brun teaches the limitation: 
"a resource name comprises a plurality of components, wherein one component 
is separated from another component by a said limiter" (Brun, Column 15 Line35-57, 
i.e., Resource Identifier Type: this describes the addressing scheme used for this user 
(E.164, X.121, NSAP). NSAP and other addressing schemes such as E.164, X.121, as 
disclosed by Brun , all employ hierarchical name systems, wherein a top-level name 
and a plurality of sub-resource names corresponding said top level name are used and 
said plurality of sub-resource names comprises said top-level name and an additional 
name portion separated from said top-level resource name by a delimiter (a dot). In 
addition, Sylor also taught the said limitation (Paragraph 0089, i.e., the path-uniqueness 
of directed tree 39). Note that in the said hierarchical tree of resources (logical hierarchy 
of Sylor), parent nodes bear are top-level names and child nodes bear sub-resource 
names to conform to path-uniqueness of a directed tree and that it is well known in the 
art that a path-unique name of a tree comprises name of parents up to the root and 
name of child (i.e., top-level resource name and additional resource name) delimited by 
a slash. 

Claims 1 1 and 19 are rejected on the same basis as claim 4. 

8. Claim 5, 6, 12, 13, 20, 21, 25, and 26 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Sylor in view of Brun, further in view of Barzilai and further in 
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view of Carmel et al. (hereinafter "Carmel") (U.S. Patent Application Publication Number 
2004/0128615). 

Referring to claim 5, the system and method of Sylor in view of Brun and further 
in view of Barzilai does not explicitly teach the limitation: "receiving information 
identifying what is used as said delimiter". 

Carmel teaches the limitation: 

"receiving information identifying what is used as said delimiter" (Paragraph 
0041-0043 and 0047-0048, i.e., predefined context delimiter). Carmel et al. teaches a 
system and method for indexing and querying documents wherein context delimiters are 
used for both indexing and querying into documents (Paragraph 0041-0043 and 0047- 
0048). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to combine the system and method taught by Sylor in view of 
Brun and further in view of Barzilai as applied to claim 4 above with the system and 
method taught by Carmel et al. for indexing and querying into^documents so that, in the 
combined system and method, comparing would comprise receiving information 
identifying what is used as the delimiter in resource names. One would have been 
motivated to do so simply to identify different components of the resource name. 

Claim 12, 20 and 25 are rejected on the same basis as claim 5. 

Referring to claim 6, Carmel teaches the limitation: 
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"receiving information for wildcard pattern matching of resource names" 
(Paragraph 0049, i.e., wildcard query). 

Claim 13, 21 and 26 are rejected on the same basis as claim 6. 

9. Claim 7, 14, 22, and 27 are rejected under 3.5 U.S.C. 103(a) as being 
unpatentable over Sylor in view of Brun, further in view of Barzilai and further in view of 
Shrader et al. (hereinafter "Shrader") (U.S. Patent Number 6026440). 

Referring to claim 7, the system and method of Sylor in view of Brun and further 
in view of Barzilai does not explicitly teach the limitation: "receiving information 
indicating whether a resource name is case-sensitive". 

Shrader teaches the limitation: 

"receiving information indicating whether a resource name is case-sensitive" 
(Column 9 Line-55 through Column 10 Line-22, i.e., not case sensitive). Shrader etal. 
teaches a system and method for web server account management wherein threshold 
keywords are indicated whether they are case-sensitive or not (Column 9 Line-55 
through Column 10 Line-20+). 

At the time the invention was made, it would have obvious to a person of ordinary 
skill in the art to add the feature of identifying whether keywords/names are case- 
sensitive or not as taught by Shrader et al. to the system and method taught by Sylor in 
view of Brun and further in view of Barzilai as applied to claim 4 above so that, in the 
resultant system and method, comparing would comprise receiving information 
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indicating whether a resource name is case-sensitive or not. One would have been 
motivated to do so simply for better identification of resource names. 

Claim 14, 22 and 27 are rejected on the same basis as claim 7. 

10. Claim 28 is rejected under 35 U.S.C. 103(a) as being unpatentable over Sylor in 
view of Brun, further in view of Barzilai and further in view of Ramamoorthy and further 
in view of Cheng et al., (hereinafter "Cheng") (U.S. Patent Number 5544322). 

Referring to claim 28, Sylor in view of Brun and further in view of Barzilai does 
not explicitly teach the limitation: "forwarding the request identifying the resource from a 
first policy decision point to a second policy decision point for evaluation". 

Cheng teaches the limitation: 

"forwarding the request identifying the resource from a first policy decision point 
to a second policy decision point for evaluation" (Column 6 Line 65-67, i.e., sent to 
policy server). Cheng et al. teaches a method and system for policy-based 
authentication wherein a request for access could be referred to another policy server 
for evaluation (Column 6 Line 65-67). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to add the feature of referring requests for access to another 
policy server as taught by Cheng et al. to the method of Sylor in view of Brun and 
further in view of Barzilai so that, in the resultant method, the request for resource 
would be forwarded to another policy server (a second decision point). One would have 
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been motivated to do so in order to provide a client "an authentication path that 
complies with both server's policy and the client's policy (if such a path exists)" (Cheng 
et al. Column 2, Line 45-48). 

1 1 . Referring to claim 29, Official Note is taken that the use of a cache for 
subsequent requests/processes is notoriously well known in the art. 
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Conclusion 

12. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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Contact Information 



1 3. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Dennis Myint whose telephone number is (571) 272- 
5629. The examiner can normally be reached on 8:30AM-5:30PM Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, John Breene can be reached on (571) 272-4107. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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Examiner 
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